DOCSLIB.ORG

FROBENIUS PSEUDOPRIMES 1. Introduction Fermat's Little Theorem

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

MATHEMATICS OF COMPUTATION Volume 70, Number 234, Pages 873{891 S 0025-5718(00)01197-2 Article electronically published on March 1, 2000 FROBENIUS PSEUDOPRIMES JON GRANTHAM Abstract. The proliferation of probable prime tests in recent years has pro- duced a plethora of definitions with the word \pseudoprime" in them. Exam- ples include pseudoprimes, Euler pseudoprimes, strong pseudoprimes, Lucas pseudoprimes, strong Lucas pseudoprimes, extra strong Lucas pseudoprimes and Perrin pseudoprimes. Though these tests represent a wealth of ideas, they exist as a hodge-podge of definitions rather than as examples of a more general theory. It is the goal of this paper to present a way of viewing many of these tests as special cases of a general principle, as well as to re-formulate them in the context of finite fields. One aim of the reformulation is to enable the creation of stronger tests; another is to aid in proving results about large classes of pseudoprimes. 1. Introduction Fermat's Little Theorem tells us that ap−1 ≡ 1modp for p an odd prime; thus we have an easy way to prove that many numbers are composite. For example, since 290 ≡ 64 mod 91, we prove that 91 is composite. The technique of repeated squaring can be used to perform the required exponentiation very rapidly. This test is not foolproof. In particular, 2340 ≡ 1 mod 341. Composites which fool the test with a = 2 are called pseudoprimes, and in general, composites n with an−1 ≡ 1modn are pseudoprimes to the base a. The existence of such numbers provides incentive to create other tests which are similarly fast, but which may have fewer, or at least different, \pseudoprimes." Two of these tests are more elaborate versions of the test described above and create the notions of Euler pseudoprime and strong pseudoprime. Most other tests, however, involve recurrence sequences. One reason that pseu- doprimes based on recurrence sequences have attracted interest is that the pseudo- primes for these sequence are often different from ordinary pseudoprimes. In fact, nobody has claimed the $620 offered for a Lucas pseudoprime with parameters (1; −1) (see Section 2 for a definition of this term), congruent to 2 or 3 mod 5, that is also a pseudoprime to the base 2 [22], [14]. Furthermore, some tests based on higher order recurrence sequences seem to have few pseudoprimes. Adams and Shanks [2] introduced such a test based on a third order recurrence sequence known as Perrin's sequence. A problem with tests based on recurrence sequences is that analysis of the tests can be difficult. For example, the concepts of Lucas and Lehmer pseudoprimes have been analyzed separately in the literature. In Section 2, we show that they are equivalent definitions. Received by the editor January 6, 1998 and, in revised form, March 29, 1999. 2000 Mathematics Subject Classification. Primary 11Y11. c 2000 American Mathematical Society 873 License or copyright restrictions may apply to redistribution; see https://www.ams.org/journal-terms-of-use 874 JON GRANTHAM Instead of recurrence sequences, the language used in this paper is that of finite fields. In particular, when n is a prime, f(x) 2 Z[x], and n does not divide disc(f), the residue ring Z[x]=(n; f(x)) is a product of finite fields of characteristic n.When n is composite, this ring is not equal to such a product. For a given composite n,this fact is often easy to discover, thus providing a quick proof of the compositeness of n. Using properties of finite fields, we establish the definition of Frobenius probable prime, which is a generalization, and sometimes a strengthening, of many existing definitions. We introduce the concept of Frobenius pseudoprimes, not to inflict a new and different notion of pseudoprimality on the mathematical world, but to show that many existing pseudoprimality tests can be generalized and described in terms of finite fields. In fact, we show that some specific instances of the Frobenius pseudoprime test are equivalent to other pseudoprimality tests, and stronger than many of them. In [11], we use the structure given by the introduction of finite fields to show that the probability of error in declaring a number \prime" using a certain Frobenius 1 test is less than 7710 . In 1980, Monier [19] and Rabin [23] proved that the Strong 1 Probable Prime Test has probability of error at most 4 . Although the test intro- duced in [11] has asymptotic running time three times that of the Strong Probable 1 Prime Test, the proven bound on the error is much smaller than the 64 achieved through three Strong Probable Prime Tests. Perhaps the primary benefit of this approach is that instead of having to prove ten different theorems about ten different types of pseudoprimes, one can prove one theorem about Frobenius pseudoprimes and apply it to each type of pseudoprime. In [12], the techniques of [3] are used to prove that for any monic, squarefree polynomial, there are infinitely many Frobenius pseudoprimes. In particular, this theorem answers a 1982 conjecture of Adams and Shanks [2] that there are in- finitely many Perrin pseudoprimes. It also proves the infinitude of the types of pseudoprimes defined by Gurak [13] and Szekeres [27]. We should note that the idea of primality testing in finite fields is not entirely new. Lenstra's Galois Theory Test [17] is a method of proving primality using finite fields. In [10], I describe the relation between the two ideas. The combination of finite fields and pseudoprimes also exists implicitly in some other works, such as [27]. The goal here, however, is different. I am trying to provide a clear theoretical framework in which various existing probable prime tests can be generalized and analyzed. 2. A wealth of pseudoprimes For the purposes of this paper, the following test for primality will be considered foolproof. If an integer is denoted by the letter p,thenp is prime. If q is a prime power, we let Fq denote a finite field with q elements. We begin by reviewing many of the existing notions of pseudoprimality. Each of these definitions of \pseudoprime" characterizes composite numbers with a certain property. In each of these cases, it can be proven that all prime numbers (with a finite, known set of exceptions) have this property. This paper does not pretend to be an exhaustive treatment of all notions of pseudoprimality. For example, nothing is said about elliptic pseudoprimes [8]. License or copyright restrictions may apply to redistribution; see https://www.ams.org/journal-terms-of-use FROBENIUS PSEUDOPRIMES 875 Fermat's Little Theorem tells us that if p is prime, then ap−1 ≡ 1modp,ifp - a. The original notion of a pseudoprime (sometimes called a Fermat pseudoprime) involves counterexamples to the converse of this theorem. Definition. A pseudoprime to the base a is a composite number n such an−1 ≡ 1modn. Definition. Anumbern which is a pseudoprime to all bases a with (a; n)=1is a Carmichael number. (p−1)=2 ≡ a a We also know that if p is an odd prime, then a p mod p,where p is the Jacobi symbol. The converse of this theorem leads to the definition of Euler pseudoprime, due to Raphael Robinson [24]. Definition. An Euler pseudoprime to the base a is an odd composite number n (n−1)=2 ≡ a with (a; n) = 1 such that a n mod n. An Euler pseudoprime to the base a is also a pseudoprime to the base a. k If n ≡ 1 mod 4, we can also look at a(n−1)=2 for k>1, and doing so gives us the definition of strong pseudoprime [22], due independently to R. Dubois and John Selfridge. Definition. A strong pseudoprime to the base a is an odd composite n =2rs +1 t with s odd such that either as ≡ 1modn,ora2 s ≡−1 for some integer t,with r>t≥ 0. A strong pseudoprime to the base a is also an Euler pseudoprime to the base a [19], [22]. It is possible to define notions of pseudoprimality based on congruence properties of recurrence sequences. The simplest of these are based on the Lucas sequences Un(P; Q), where P and Q are integers, U0 =0,U1 =1andUn = PUn−1 − QUn−2. (When P =1andQ = −1, this is the Fibonacci sequence.) We recall the fact that we can express Un in terms of roots of the polynomial f(x)=x2 − Px + Q.Ifα and β are roots of f(x) in a commutative ring (with n n identity), with α − β invertible, then Un =(α − β )=(α − β). By induction on n, this equality holds even if there are more than two distinct roots of f(x). 2 Theorem 2.1. Let Un = Un(P; Q) and ∆=P − 4Q.Ifp - 2Q∆,thenU − ∆ ≡ p ( p ) 0modp. - 2 − F¯ Proof. Since p ∆, x Px+ Q has distinct roots, α and β,in p. ∆ F p−1 ≡ If p =1,thenf(x)factorsmodp,andα and β are in p.Thusα p−1 ≡ ≡ − − β 1mod p.SoUp−1 (1 1)=(α β)=0modp. ∆ − F If p = 1, then f(x) does not factor, and the roots of f(x) lie in p2 .The Frobenius automorphism permutes the roots of f(x), so αp ≡ β and βp ≡ α.Thus Up+1 ≡ (αβ − βα)=(α − β)=0modp. 2 Definition. Let Un = Un(P; Q)and∆=P − 4Q.ALucas pseudoprime with parameters (P; Q)isacompositen with (n; 2Q∆) = 1 such that U − ∆ ≡ 0modn. n ( n ) Baillie and Wagstaff [7] gave a version of this test that is analogous to the strong pseudoprime test.
Recommended publications
  • Fast Tabulation of Challenge Pseudoprimes Andrew Shallue and Jonathan Webster

    Fast Tabulation of Challenge Pseudoprimes Andrew Shallue and Jonathan Webster

    THE OPEN BOOK SERIES 2 ANTS XIII Proceedings of the Thirteenth Algorithmic Number Theory Symposium Fast tabulation of challenge pseudoprimes Andrew Shallue and Jonathan Webster msp THE OPEN BOOK SERIES 2 (2019) Thirteenth Algorithmic Number Theory Symposium msp dx.doi.org/10.2140/obs.2019.2.411 Fast tabulation of challenge pseudoprimes Andrew Shallue and Jonathan Webster We provide a new algorithm for tabulating composite numbers which are pseudoprimes to both a Fermat test and a Lucas test. Our algorithm is optimized for parameter choices that minimize the occurrence of pseudoprimes, and for pseudoprimes with a fixed number of prime factors. Using this, we have confirmed that there are no PSW-challenge pseudoprimes with two or three prime factors up to 280. In the case where one is tabulating challenge pseudoprimes with a fixed number of prime factors, we prove our algorithm gives an unconditional asymptotic improvement over previous methods. 1. Introduction Pomerance, Selfridge, and Wagstaff famously offered $620 for a composite n that satisfies (1) 2n 1 1 .mod n/ so n is a base-2 Fermat pseudoprime, Á (2) .5 n/ 1 so n is not a square modulo 5, and j D (3) Fn 1 0 .mod n/ so n is a Fibonacci pseudoprime, C Á or to prove that no such n exists. We call composites that satisfy these conditions PSW-challenge pseudo- primes. In[PSW80] they credit R. Baillie with the discovery that combining a Fermat test with a Lucas test (with a certain specific parameter choice) makes for an especially effective primality test[BW80].
  • FACTORING COMPOSITES TESTING PRIMES Amin Witno

    FACTORING COMPOSITES TESTING PRIMES Amin Witno

    WON Series in Discrete Mathematics and Modern Algebra Volume 3 FACTORING COMPOSITES TESTING PRIMES Amin Witno Preface These notes were used for the lectures in Math 472 (Computational Number Theory) at Philadelphia University, Jordan.1 The module was aborted in 2012, and since then this last edition has been preserved and updated only for minor corrections. Outline notes are more like a revision. No student is expected to fully benefit from these notes unless they have regularly attended the lectures. 1 The RSA Cryptosystem Sensitive messages, when transferred over the internet, need to be encrypted, i.e., changed into a secret code in such a way that only the intended receiver who has the secret key is able to read it. It is common that alphabetical characters are converted to their numerical ASCII equivalents before they are encrypted, hence the coded message will look like integer strings. The RSA algorithm is an encryption-decryption process which is widely employed today. In practice, the encryption key can be made public, and doing so will not risk the security of the system. This feature is a characteristic of the so-called public-key cryptosystem. Ali selects two distinct primes p and q which are very large, over a hundred digits each. He computes n = pq, ϕ = (p − 1)(q − 1), and determines a rather small number e which will serve as the encryption key, making sure that e has no common factor with ϕ. He then chooses another integer d < n satisfying de % ϕ = 1; This d is his decryption key. When all is ready, Ali gives to Beth the pair (n; e) and keeps the rest secret.
  • A Member of the Order of Minims, Was a Philosopher, Mathematician, and Scientist Who Wrote on Music, Mechanics, and Optics

    A Member of the Order of Minims, Was a Philosopher, Mathematician, and Scientist Who Wrote on Music, Mechanics, and Optics

    ON THE FORM OF MERSENNE NUMBERS PREDRAG TERZICH Abstract. We present a theorem concerning the form of Mersenne p numbers , Mp = 2 − 1 , where p > 3 . We also discuss a closed form expression which links prime numbers and natural logarithms . 1. Introduction. The friar Marin Mersenne (1588 − 1648), a member of the order of Minims, was a philosopher, mathematician, and scientist who wrote on music, mechanics, and optics . A Mersenne number is a number of p the form Mp = 2 − 1 where p is an integer , however many authors prefer to define a Mersenne number as a number of the above form but with p restricted to prime values . In this paper we shall use the second definition . Because the tests for Mersenne primes are relatively simple, the record largest known prime number has almost always been a Mersenne prime . 2. A theorem and closed form expression Theorem 2.1. Every Mersenne number Mp , (p > 3) is a number of the form 6 · k · p + 1 for some odd possitive integer k . Proof. In order to prove this we shall use following theorems : Theorem 2.2. The simultaneous congruences n ≡ n1 (mod m1) , n ≡ n2 (mod m2), .... ,n ≡ nk (mod mk) are only solvable when ni = nj (mod gcd(mi; mj)) , for all i and j . i 6= j . The solution is unique modulo lcm(m1; m2; ··· ; mk) . Proof. For proof see [1] Theorem 2.3. If p is a prime number, then for any integer a : ap ≡ a (mod p) . Date: January 4 , 2012. 1 2 PREDRAG TERZICH Proof.
  • The Pseudoprimes to 25 • 109

    The Pseudoprimes to 25 • 109

    MATHEMATICS OF COMPUTATION, VOLUME 35, NUMBER 151 JULY 1980, PAGES 1003-1026 The Pseudoprimes to 25 • 109 By Carl Pomerance, J. L. Selfridge and Samuel S. Wagstaff, Jr. Abstract. The odd composite n < 25 • 10 such that 2n_1 = 1 (mod n) have been determined and their distribution tabulated. We investigate the properties of three special types of pseudoprimes: Euler pseudoprimes, strong pseudoprimes, and Car- michael numbers. The theoretical upper bound and the heuristic lower bound due to Erdös for the counting function of the Carmichael numbers are both sharpened. Several new quick tests for primality are proposed, including some which combine pseudoprimes with Lucas sequences. 1. Introduction. According to Fermat's "Little Theorem", if p is prime and (a, p) = 1, then ap~1 = 1 (mod p). This theorem provides a "test" for primality which is very often correct: Given a large odd integer p, choose some a satisfying 1 <a <p - 1 and compute ap~1 (mod p). If ap~1 pi (mod p), then p is certainly composite. If ap~l = 1 (mod p), then p is probably prime. Odd composite numbers n for which (1) a"_1 = l (mod«) are called pseudoprimes to base a (psp(a)). (For simplicity, a can be any positive in- teger in this definition. We could let a be negative with little additional work. In the last 15 years, some authors have used pseudoprime (base a) to mean any number n > 1 satisfying (1), whether composite or prime.) It is well known that for each base a, there are infinitely many pseudoprimes to base a.
  • A Clasification of Known Root Prime-Generating

    A Clasification of Known Root Prime-Generating

    Special properties of the first absolute Fermat pseudoprime, the number 561 Marius Coman Bucuresti, Romania email: [email protected] Abstract. Though is the first Carmichael number, the number 561 doesn’t have the same fame as the third absolute Fermat pseudoprime, the Hardy-Ramanujan number, 1729. I try here to repair this injustice showing few special properties of the number 561. I will just list (not in the order that I value them, because there is not such an order, I value them all equally as a result of my more or less inspired work, though they may or not “open a path”) the interesting properties that I found regarding the number 561, in relation with other Carmichael numbers, other Fermat pseudoprimes to base 2, with primes or other integers. 1. The number 2*(3 + 1)*(11 + 1)*(17 + 1) + 1, where 3, 11 and 17 are the prime factors of the number 561, is equal to 1729. On the other side, the number 2*lcm((7 + 1),(13 + 1),(19 + 1)) + 1, where 7, 13 and 19 are the prime factors of the number 1729, is equal to 561. We have so a function on the prime factors of 561 from which we obtain 1729 and a function on the prime factors of 1729 from which we obtain 561. Note: The formula N = 2*(d1 + 1)*...*(dn + 1) + 1, where d1, d2, ...,dn are the prime divisors of a Carmichael number, leads to interesting results (see the sequence A216646 in OEIS); the formula M = 2*lcm((d1 + 1),...,(dn + 1)) + 1 also leads to interesting results (see the sequence A216404 in OEIS).
  • Arxiv:1412.5226V1 [Math.NT] 16 Dec 2014 Hoe 11

    Arxiv:1412.5226V1 [Math.NT] 16 Dec 2014 Hoe 11

    q-PSEUDOPRIMALITY: A NATURAL GENERALIZATION OF STRONG PSEUDOPRIMALITY JOHN H. CASTILLO, GILBERTO GARC´IA-PULGAR´IN, AND JUAN MIGUEL VELASQUEZ-SOTO´ Abstract. In this work we present a natural generalization of strong pseudoprime to base b, which we have called q-pseudoprime to base b. It allows us to present another way to define a Midy’s number to base b (overpseudoprime to base b). Besides, we count the bases b such that N is a q-probable prime base b and those ones such that N is a Midy’s number to base b. Furthemore, we prove that there is not a concept analogous to Carmichael numbers to q-probable prime to base b as with the concept of strong pseudoprimes to base b. 1. Introduction Recently, Grau et al. [7] gave a generalization of Pocklignton’s Theorem (also known as Proth’s Theorem) and Miller-Rabin primality test, it takes as reference some works of Berrizbeitia, [1, 2], where it is presented an extension to the concept of strong pseudoprime, called ω-primes. As Grau et al. said it is right, but its application is not too good because it is needed m-th primitive roots of unity, see [7, 12]. In [7], it is defined when an integer N is a p-strong probable prime base a, for p a prime divisor of N −1 and gcd(a, N) = 1. In a reading of that paper, we discovered that if a number N is a p-strong probable prime to base 2 for each p prime divisor of N − 1, it is actually a Midy’s number or a overpseu- doprime number to base 2.
  • A FEW FACTS REGARDING NUMBER THEORY Contents 1

    A FEW FACTS REGARDING NUMBER THEORY Contents 1

    A FEW FACTS REGARDING NUMBER THEORY LARRY SUSANKA Contents 1. Notation 2 2. Well Ordering and Induction 3 3. Intervals of Integers 4 4. Greatest Common Divisor and Least Common Multiple 5 5. A Theorem of Lam´e 8 6. Linear Diophantine Equations 9 7. Prime Factorization 10 8. Intn, mod n Arithmetic and Fermat's Little Theorem 11 9. The Chinese Remainder Theorem 13 10. RelP rimen, Euler's Theorem and Gauss' Theorem 14 11. Lagrange's Theorem and Primitive Roots 17 12. Wilson's Theorem 19 13. Polynomial Congruencies: Reduction to Simpler Form 20 14. Polynomial Congruencies: Solutions 23 15. The Quadratic Formula 27 16. Square Roots for Prime Power Moduli 28 17. Euler's Criterion and the Legendre Symbol 31 18. A Lemma of Gauss 33 −1 2 19. p and p 36 20. The Law of Quadratic Reciprocity 37 21. The Jacobi Symbol and its Reciprocity Law 39 22. The Tonelli-Shanks Algorithm for Producing Square Roots 42 23. Public Key Encryption 44 24. An Example of Encryption 47 References 50 Index 51 Date: October 13, 2018. 1 2 LARRY SUSANKA 1. Notation. To get started, we assume given the set of integers Z, sometimes denoted f :::; −2; −1; 0; 1; 2;::: g: We assume that the reader knows about the operations of addition and multiplication on integers and their basic properties, and also the usual order relation on these integers. In particular, the operations of addition and multiplication are commuta- tive and associative, there is the distributive property of multiplication over addition, and mn = 0 implies one (at least) of m or n is 0.
  • Appendix a Tables of Fermat Numbers and Their Prime Factors

    Appendix a Tables of Fermat Numbers and Their Prime Factors

    Appendix A Tables of Fermat Numbers and Their Prime Factors The problem of distinguishing prime numbers from composite numbers and of resolving the latter into their prime factors is known to be one of the most important and useful in arithmetic. Carl Friedrich Gauss Disquisitiones arithmeticae, Sec. 329 Fermat Numbers Fo =3, FI =5, F2 =17, F3 =257, F4 =65537, F5 =4294967297, F6 =18446744073709551617, F7 =340282366920938463463374607431768211457, Fs =115792089237316195423570985008687907853 269984665640564039457584007913129639937, Fg =134078079299425970995740249982058461274 793658205923933777235614437217640300735 469768018742981669034276900318581864860 50853753882811946569946433649006084097, FlO =179769313486231590772930519078902473361 797697894230657273430081157732675805500 963132708477322407536021120113879871393 357658789768814416622492847430639474124 377767893424865485276302219601246094119 453082952085005768838150682342462881473 913110540827237163350510684586298239947 245938479716304835356329624224137217. The only known Fermat primes are Fo, ... , F4 • 208 17 lectures on Fermat numbers Completely Factored Composite Fermat Numbers m prime factor year discoverer 5 641 1732 Euler 5 6700417 1732 Euler 6 274177 1855 Clausen 6 67280421310721* 1855 Clausen 7 59649589127497217 1970 Morrison, Brillhart 7 5704689200685129054721 1970 Morrison, Brillhart 8 1238926361552897 1980 Brent, Pollard 8 p**62 1980 Brent, Pollard 9 2424833 1903 Western 9 P49 1990 Lenstra, Lenstra, Jr., Manasse, Pollard 9 p***99 1990 Lenstra, Lenstra, Jr., Manasse, Pollard
  • Elementary Number Theory

    Elementary Number Theory

    Elementary Number Theory Peter Hackman HHH Productions November 5, 2007 ii c P Hackman, 2007. Contents Preface ix A Divisibility, Unique Factorization 1 A.I The gcd and B´ezout . 1 A.II Two Divisibility Theorems . 6 A.III Unique Factorization . 8 A.IV Residue Classes, Congruences . 11 A.V Order, Little Fermat, Euler . 20 A.VI A Brief Account of RSA . 32 B Congruences. The CRT. 35 B.I The Chinese Remainder Theorem . 35 B.II Euler’s Phi Function Revisited . 42 * B.III General CRT . 46 B.IV Application to Algebraic Congruences . 51 B.V Linear Congruences . 52 B.VI Congruences Modulo a Prime . 54 B.VII Modulo a Prime Power . 58 C Primitive Roots 67 iii iv CONTENTS C.I False Cases Excluded . 67 C.II Primitive Roots Modulo a Prime . 70 C.III Binomial Congruences . 73 C.IV Prime Powers . 78 C.V The Carmichael Exponent . 85 * C.VI Pseudorandom Sequences . 89 C.VII Discrete Logarithms . 91 * C.VIII Computing Discrete Logarithms . 92 D Quadratic Reciprocity 103 D.I The Legendre Symbol . 103 D.II The Jacobi Symbol . 114 D.III A Cryptographic Application . 119 D.IV Gauß’ Lemma . 119 D.V The “Rectangle Proof” . 123 D.VI Gerstenhaber’s Proof . 125 * D.VII Zolotareff’s Proof . 127 E Some Diophantine Problems 139 E.I Primes as Sums of Squares . 139 E.II Composite Numbers . 146 E.III Another Diophantine Problem . 152 E.IV Modular Square Roots . 156 E.V Applications . 161 F Multiplicative Functions 163 F.I Definitions and Examples . 163 CONTENTS v F.II The Dirichlet Product .
  • Anomalous Primes and Extension of the Korselt Criterion

    Anomalous Primes and Extension of the Korselt Criterion

    Anomalous Primes and Extension of the Korselt Criterion Liljana Babinkostova1, Brad Bentz2, Morad Hassan3, André Hernández-Espiet4, Hyun Jong Kim5 1Boise State University, 2Brown University, 3Emory University, 4University of Puerto Rico, 5Massachusetts Institute of Technology Motivation Elliptic Korselt Criteria Lucas Pseudoprimes Cryptosystems in ubiquitous commercial use base their security on the dif- ficulty of factoring. Deployment of these schemes necessitate reliable, ef- Korselt Criteria for Euler and Strong Elliptic Carmichael Numbers Lucas Groups ficient methods of recognizing the primality of a number. A number that ordp(N) D; N L passes a probabilistic test, but is in fact composite is known as a pseu- Let N;p(E) be the exponent of E Z=p Z . Then, N is an Euler Let be coprime integers. The Lucas group Z=NZ is defined on elliptic Carmichael number if and only if, for every prime p dividing N, 2 2 2 doprime. A pseudoprime that passes such test for any base is known as a LZ=NZ = f(x; y) 2 (Z=NZ) j x − Dy ≡ 1 (mod N)g: Carmichael number. The focus of this research is analysis of types of pseu- 2N;p j (N + 1 − aN) : doprimes that arise from elliptic curves and from group structures derived t (N + 1 − a ) N If is the largest odd divisor of N , then is a strong elliptic Algebraic Structure of Lucas Groups from Lucas sequences [2]. We extend the Korselt criterion presented in [3] Carmichael number if and only if, for every prime p dividing N, for two important classes of elliptic pseudoprimes and deduce some of their If p is a prime and D is an integer coprime to p, then L e is a cyclic properties.
  • Offprint Provided to the Author by the Publisher

    Offprint Provided to the Author by the Publisher

    MATHEMATICS OF COMPUTATION Volume 89, Number 321, January 2020, Pages 493–514 https://doi.org/10.1090/mcom/3452 Article electronically published on May 24, 2019 AVERAGE LIAR COUNT FOR DEGREE-2 FROBENIUS PSEUDOPRIMES ANDREW FIORI AND ANDREW SHALLUE Abstract. In this paper we obtain lower and upper bounds on the average number of liars for the Quadratic Frobenius Pseudoprime Test of Grantham [Math. Comp. 70 (2001), pp. 873–891], generalizing arguments of Erd˝os and Pomerance [Math. Comp. 46 (1986), pp. 259–279] and Monier [Theoret. Com- put. Sci. 12 (1980), 97–108]. These bounds are provided for both Jacobi symbol ±1 cases, providing evidence for the existence of several challenge pseudo- primes. 1. Introduction A pseudoprime is a composite number that satisfies some necessary condition for primality. Since primes are necessary building blocks for so many algorithms, and since the most common way to find primes in practice is to apply primality testing algorithms based on such necessary conditions, it is important to gather what information we can about pseudoprimes. In addition to the practical benefits, pseudoprimes have remarkable divisibility properties that make them fascinating objects of study. The most common necessary condition used in practice is that the number has no small divisors. Another common necessary condition follows from a theorem of Fermat, that if n is prime and gcd(a, n)=1,thenan−1 =1(modn). If gcd(a, n)=1andan−1 =1 (modn) for composite n,wecalla a Fermat liar and denote by F (n) the set of Fermat liars with respect to n, or more precisely the set of their residue classes modulo n.
  • The RSA Algorithm Clifton Paul Robinson

    The RSA Algorithm Clifton Paul Robinson

    Bridgewater State University Virtual Commons - Bridgewater State University Honors Program Theses and Projects Undergraduate Honors Program 5-1-2018 The Key to Cryptography: The RSA Algorithm Clifton Paul Robinson Follow this and additional works at: http://vc.bridgew.edu/honors_proj Part of the Computer Sciences Commons Recommended Citation Robinson, Clifton Paul. (2018). The Key ot Cryptography: The RSA Algorithm. In BSU Honors Program Theses and Projects. Item 268. Available at: http://vc.bridgew.edu/honors_proj/268 Copyright © 2018 Clifton Paul Robinson This item is available as part of Virtual Commons, the open-access institutional repository of Bridgewater State University, Bridgewater, Massachusetts. The Key to Cryptography: The RSA Algorithm Clifton Paul Robinson Submitted in Partial Completion of the Requirements for Commonwealth Interdisciplinary Honors in Computer Science and Mathematics Bridgewater State University May 1, 2018 Dr. Jacqueline Anderson Thesis Co-Advisor Dr. Michael Black, Thesis Co-Advisor Dr. Ward Heilman, Committee Member Dr. Haleh Khojasteh, Committee Member BRIDGEWATER STATE UNIVERSITY UNDERGRADUATE THESIS The Key To Cryptography: The RSA Algorithm Author: Advisors: Clifton Paul ROBINSON Dr. Jackie ANDERSON Dr. Michael BLACK Submitted in Partial Completion of the Requirements for Commonwealth Honors in Computer Science and Mathematics Dr. Ward Heilman, Reading Committee Dr. Haleh Khojasteh, Reading Committee ii Dedicated to Mom, Dad, James, and Mimi iii Contents Abstractv 1 Introduction1 1.1 The Project Overview........................1 2 Theorems and Definitions2 2.1 Definitions..............................2 2.2 Theorems...............................5 3 The History of Cryptography6 3.1 Origins................................6 3.2 A Transition.............................6 3.3 Cryptography at War........................7 3.4 The Creation and Uses of RSA...................7 4 The Mathematics9 4.1 What is a Prime Number?.....................9 4.2 Factoring Numbers........................